Date: Sun, 2 Aug 2015 20:16:27 +0000 (UTC) From: Olli Hauer <ohauer@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r393442 - head/mail/postfix Message-ID: <201508022016.t72KGR06023523@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ohauer Date: Sun Aug 2 20:16:26 2015 New Revision: 393442 URL: https://svnweb.freebsd.org/changeset/ports/393442 Log: - update to 2.11.6 20150501 Support for Linux 4.*, and some simplification for future makedefs files. Files: makedefs, util/sys_defs.h. 20150718 Security: opportunistic TLS by default uses "medium" or stronger ciphers instead of "export" or stronger. See the RELEASE_NOTES file for how to get the old settings back. Files: global/mail_params.h, proto/TLS_README.html, proto/postconf.proto, and files derived from those. 20150719 Security: Postfix TLS support by default no longer uses SSLv2 or SSLv3. See the RELEASE_NOTES file for how to get the old settings back. Files: global/mail_params.h, proto/postconf.proto, and files derived from those. Incompatible change with Postfix 2.11.6 / 3.0.2 ------------------------------------------------- As of the middle of 2015, all supported Postfix releases no longer enable "export" grade ciphers for opportunistic TLS, and no longer use the deprecated SSLv2 and SSLv3 protocols for mandatory or opportunistic TLS. These changes are very unlikely to cause problems with server-to-server communication over the Internet, but they may result in interoperability problems with ancient client or server implementations on internal networks. To address this problem, you can revert the changes with: Postfix SMTP client settings: lmtp_tls_ciphers = export smtp_tls_ciphers = export lmtp_tls_protocols = !SSLv2 smtp_tls_protocols = !SSLv2 lmtp_tls_mandatory_protocols = !SSLv2 smtp_tls_mandatory_protocols = !SSLv2 Postfix SMTP server settings: smtpd_tls_ciphers = export smtpd_tls_protocols = smtpd_tls_mandatory_protocols = !SSLv2 These settings, if put in main.cf, affect all Postfix SMTP client or server communication, which may be undesirable. To be more selective, use "-o name=value" parameter overrides on specific services in master.cf. Execute the command "postfix reload" to make the changes effective. Modified: head/mail/postfix/Makefile head/mail/postfix/distinfo Modified: head/mail/postfix/Makefile ============================================================================== --- head/mail/postfix/Makefile Sun Aug 2 20:03:40 2015 (r393441) +++ head/mail/postfix/Makefile Sun Aug 2 20:16:26 2015 (r393442) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= postfix -PORTVERSION= 2.11.5 +PORTVERSION= 2.11.6 PORTEPOCH= 1 CATEGORIES= mail ipv6 MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/ \ @@ -36,6 +36,7 @@ USES= perl5 shebangfix cpe SHEBANG_LANG= perl SHEBANG_FILES= auxiliary/qshape/qshape.pl +USE_RC_SUBR= postfix USE_SUBMAKE= yes USE_PERL5= build SCRIPTS_ENV+= POSTFIX_DEFAULT_MTA="${POSTFIX_DEFAULT_MTA}" @@ -100,8 +101,6 @@ MAKEFILEFLAGS+= DEBUG= MAKEFILEFLAGS+= CC="${CC}" OPT="${CFLAGS}" -USE_RC_SUBR= postfix - .if ${PORT_OPTIONS:MINST_BASE} PKGNAMESUFFIX= -base PREFIX= /usr Modified: head/mail/postfix/distinfo ============================================================================== --- head/mail/postfix/distinfo Sun Aug 2 20:03:40 2015 (r393441) +++ head/mail/postfix/distinfo Sun Aug 2 20:16:26 2015 (r393442) @@ -1,5 +1,5 @@ -SHA256 (postfix/postfix-2.11.5.tar.gz) = 0a4cc61f6d6c57eee676d4e78a42b2d29f8b0f406277d350bc0928f51efa3187 -SIZE (postfix/postfix-2.11.5.tar.gz) = 4036256 +SHA256 (postfix/postfix-2.11.6.tar.gz) = 77f35574c78cf5ac468061c38037c4f858ead7554e2314e7760c30328f08591e +SIZE (postfix/postfix-2.11.6.tar.gz) = 4030414 SHA256 (postfix/postfix-2.8.0-libspf2-1.2.x-0.patch.gz) = e5c38e5bc226cab109c02a4e530ab1aefd3bb06f2169f3e052bdf83d2727aacc SIZE (postfix/postfix-2.8.0-libspf2-1.2.x-0.patch.gz) = 8191 SHA256 (postfix/postfix-vda-v13-2.10.0.patch) = 6208021eb0b37ac6482e334e538ed5700cc22c4d4dd66ed9e975ae5f20bf935f
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201508022016.t72KGR06023523>